Hosting a virtual event can be a challenging prospect for the unfamiliar, but it's quickly become the norm due to the global pandemic. That makes it an important skill for eventprofs to master. Here are 37 virtual event ideas to inspire your upcoming events.
Event Management UI. The field in the input table that contains the y-coordinates (or latitude). The name of the output point event layer. Spatial Reference. (Optional) The spatial reference of the coordinates specified in the X Field and Y Field parameters. This will be the output event layer's spatial reference. The event manager applet command creates/edits an event manager applet, a process that links events with actions and output. The is limited to 32 characters and cannot have spaces. This enters an event manager applet submode. ASA(config)# no event manager applet A description can be added to an applet. This is for informational.
2020 has been a big year for virtual events, although the format is still relatively new to many eventprofs. Virtual engagement has been one of eventprofs' biggest struggles throughout this transition, so it's essential to keep things fresh and exciting to distinguish virtual events from basic webinars and keep attendees interested.
It's possible to host successful, profitable virtual events, and being able to do so is becoming increasingly important as most live events are indefinitely on hold. With this in mind, here are 40 ideas for virtual events to take inspiration from when planning your next online event.
Fun Virtual Event Ideas
Real-Time Illustrations During Sessions
Bringing artists on board to create real-time illustrations — known as digital live scribing — is a great way to engage your audience with a unique type of content.
These talented illustrators create artwork live as panel discussions go on, providing a graphical representation of the speakers and takeaways that are entertaining, informative, and most importantly, widely shareable/postable. These illustrations can also be used in any future marketing materials.
Live Games or Competitions
As part of Salesforce’s World Tour Sydney Reimagined virtual event, they implemented a live 'battle of the apps' competition between exhibitors — complete with audience voting — called AppExchange Demo Jam.
During this session, Salesforce AppExchange partners were given three minutes each to do a live demo demonstrating their apps. The audience was then asked to vote for their favorite, and the winner was announced on Twitter the next day.
Featuring sponsors and exhibitors through this kind of competition is a creative way to provide engaging demos while also getting the audience involved. Plus, this kind of activity will have people checking back to and engaging with the event's social media pages to see who won.
Virtual Concert
Just because you've brought your event online doesn't mean that you need to forego entertainment. Certain virtual event entertainment opportunities, such as musical performances, can translate very well to virtual events.
EventMB has integrated musical guests into several of our events, which adds a fun element and helps keep the audience engaged. People are missing concerts and other in-person experiences, so incorporating a performance of some sort is a nice way to bring entertainment directly to them. Just like every other part of the industry, event entertainment companies are pivoting to virtual and can assist with bringing different types of entertainment to your online event.
Health and Wellbeing Activities
Many people have been struggling with physical and mental health during the pandemic, and incorporating these types of activities into your event is a good way to switch things up and deliver unexpected value to attendees.
Depending on the format of your event, you could organize a short workout or meditation break in between sessions, or have a separate stream for these kinds of activities that attendees can tune into throughout the event for a change of pace. In our Hybrid Revolution Summit virtual event, we included a fun workout break to get everyone moving, which was a big hit with attendees!
Build Unique Immersive Environments
The SBC Digital Summit that took place earlier this year took the virtual concept one step further by designing their virtual space based on a physical conference center. For example, the Networking Lounge feature looked like an actual lounge with chat windows that attendees could interact with.
Although not quite VR, these environments allowed attendees to feel familiar aspects of event spaces through the virtual format instead of just clicking through screens and videos that all look the same. Using design elements to give your event a unique look and feel will help set your event apart and serve to distinguish various spaces within the event as well.
Attract Star Talent
If content is King, delivery is Queen. There’s so much more to consider in virtual events, but especially for very content heavy events, the delivery needs to be an 11 out of 10.
Get star hosts, moderators, and speakers that can own the virtual setting and encourage engagement throughout the event. Do your research to optimize who is delivering your content and how to energize the audience and create an exciting atmosphere.
Virtual Social Event Ideas
Cooking or Cocktail Class
Virtual cooking or cocktail classes are fun options for a social event. All you need to do is find a cook or mixologist, and have everyone join in from their kitchens. Since the pandemic hit, people can't go out and socialize like they used to.
By providing a cooking or mixology class, you can give attendees much-needed social contact while allowing them to learn some new skills, all from the comfort of their home. Consider sending kits in advance so that participants will have everything they need for the class, or at the very least, provide a list of ingredients for them to prepare.
Virtual Trivia Night
Trivia is a quintessential game night option, and it's relatively easy to do online. A little healthy competition is always fun, and people love showing off their random knowledge. Come up with a theme to set the stage for the event, and in order to help build excitement around it, divide participants into teams ahead of time so they know who they'll be playing with — and against.
If you're new to virtual events, there are professional services that organize online trivia games and are therefore experienced at hosting the game and energizing attendees.
Online Murder Mystery
This is a digital take on the classic murder mystery dinner party, where guests attend as different characters and must work to reveal the murderer among them. This activity is not only a fun game, but it also forces players to work together, so it can be ideal for team building.
Several companies now run virtual murder mysteries and can help when it comes to planning and running this type of event, as it can be quite complex. Some even take place over several months, which can be a great way to keep employees connected during long stretches of remote work.
Team Movie Night
Get everyone together for a movie night by having people vote on a selection of movies and watch it at the same time, even if they're not physically being together. Going to the movies is another activity that's been made difficult, if not impossible, by the pandemic, but there's no need to leave the house for a fun movie night with friends or coworkers.
Have everyone join a conference call from which you'll be streaming the movie, or simply have everyone start at the same time and join a group chat to discuss as they watch.
Virtual Fundraising Event Ideas
Hashtag Donation
Use this idea to show that all donations matter, regardless of size. This is a virtual event where you encourage participants to join you in giving something up and donating that amount to your cause instead. For instance, a daily can of soda is $.50. They can then give that money to your cause and use a hashtag to challenge others to do the same (though depending on the processing fees and your target audience, you may want to aim higher — a latte, perhaps).
This works because it’s virtual and a challenge. It’s difficult to ignore when someone calls you out. Use an easy mobile app to encourage people to give and make sure you share all of the mentions of people doing so on your behalf.
Head Shaves and Other Dares
YouTubers use this method all the time. Gives us votes (or money, in this case), and you can watch us do something crazy. This is a great option for a virtual fundraiser since people are fascinated by others who will do something wild in support of a good cause, and it's easy to stream the dares online for people to watch.
Get creative with who you’ll have to do what, and make sure everything you're planning to do is feasible given current Covid restrictions. In addition, think about the audience and what they’d want to see — a head shave might not be as effective as a food dare.
Virtual Activity-a-Thon
Marathons and runs are popular fundraising events, but gathering large groups of people together during a pandemic is not permissible. However, the concept of a fundraising run (or walk-a-thon) can be translated to virtual. All kinds of home-based athletic activities are conducive to the same spirit. Try a home-based yogathon. A mindful meditatathon.
If you do want to keep it a run, simply have participants complete the challenge on their own and donate money based on how much they've run or walked.
Not only does this help your organization, but it's also a way to get people moving and — hopefully — get outside. Ask participants to share photos of themselves running or walking on social media to further build awareness around the cause and get others involved.
Social Media Challenge
Social media challenges, especially on platforms like TikTok and Instagram, can be incredibly effective when it comes to fundraising and building awareness. Most importantly, they can be done virtually. Think of a fun challenge that you can encourage supporters to take part in and share with others, similar to the ice bucket challenge that went viral and raised money for ALS.
Younger audiences spend a lot of time on social channels and love participating in challenges that they can do or share with their friends. Leverage this to get the word out about your cause. Make sure you have a clear donation page to direct people to and establish a dedicated hashtag.
Virtual Gala
Galas are another common fundraising idea, and they can still work as virtual events. Invite guests to join for remarks from your organization and a keynote presentation while sharing a meal (virtually). This is a welcome excuse for attendees to get dressed up, even if they're not leaving the house, and contribute to your cause.
If possible, try to deliver a treat or a bottle of wine to attendees beforehand for them to enjoy during the event. You can also hold activities online that you normally would at your gala, such as virtual auctions or raffles.
Video Game Challenge
Host an online video game tournament with an entry fee, and split the pot with the winner. Video games are at the center of a billion-dollar industry — there are even some colleges that are creating eSports teams. Casual and hardcore gamers with disposable, video game-buying incomes are a largely under-tapped charitable giving market.
Since video games inherently take place online, they're perfect to leverage for a virtual fundraiser. Use a game that fits your audience or ask people or sponsors to provide others to play.
Virtual Networking Event Ideas
AI-Generated Connection Recommendations
Virtual networking is one of the most difficult aspects to get right during online events. AI-generated recommendations for who to connect with based on common interests or experiences can be a very useful feature to have in order to make sure that attendees are connecting and networking virtually.
People can't simply run into each other online the way they can at a physical event, so prompting them with suggestions will help keep them engaged and ensure they get the most out of the event. Many virtual event platforms now offer this feature, so keep an eye out for it when considering your options.
Speed Networking
Like speed dating, speed networking allows attendees to meet with each other for a short amount of time in order to make connections. Attendees are paired off in private virtual rooms to begin a conversation, then are rotated out to ensure they can make as many connections as possible.
This allows attendees to easily meet people at an online event and has the added benefit of being quick — and therefore more engaging. Simply set a time for attendees to join the activity and enable them to connect with each other or share contact information during their conversations.
Best results use a platform that allows attendees to follow up with one another and schedule longer meetings if they feel it would be productive.
Birds of a Feather Breakout Sessions
One of the most effective virtual networking ideas is birds of a feather sessions, which are targeted breakout sessions that allow attendees to meet and discuss a particular topic. These are particularly valuable for virtual events as they facilitate connections between like-minded individuals who likely wouldn't have ended up meeting otherwise.
Birds of a feather sessions can be on any topic that makes sense based on your event and can also include speakers. It's also a good idea to limit attendance to ensure a more intimate gathering. A fun bonus could be inviting experts on particular topics or themes to facilitate discussion.
Gamify Connections
Incorporating gamification is a great way to engage attendees digitally — particularly when it comes to networking. Gamification helps encourage audience interaction and also makes the event more fun for attendees.
Award points for certain actions such as making a certain number of connections or attending networking sessions. Consider also including prizes or perks for those who rack up the most points to add an extra element of competition and motivation.
Pre-Event Chat Rooms
If your event platform includes any type of chat or social feed function, consider enabling it before the event so that attendees can begin networking and introducing themselves. Part of the value of virtual platforms is that they can work to engage attendees not just during the event, but before and after as well.
By opening communication channels between attendees before the event actually starts, you can begin to build a community around the event and make people feel more comfortable with the ecosystem and their peers before it goes live.
Audio-Only Discussions
Audio-only social networks or audio-first events are on the rise because people have Zoom fatigue. The amount of effort that’s required for us to participate in Zoom is a disadvantage for the format. Audio-first apps facilitate spontaneous networking as they allow people to have conversations while they’re walking the dog or taking care of the kids. It’s happening in an ambient way.
Imagine a virtual event running for five days with scattered keynotes throughout, but the audio rooms are open all the time for people to have chats. It’s a lower-cost and easier way to get people engaged.
Virtual Event Sponsorship Ideas
Branded Breakouts and Break Areas
Depending on your platform's capabilities, you could offer sponsors their own dedicated live-stream feeds for value-based breakouts or for informal chats between sessions, where attendees would have the opportunity to engage with them.
These dedicated streams could also be used for break areas where networking can take place or to feature sponsored entertainment. Think about the different rooms and activities you would have if you were planning a normal live event, and try to incorporate as much as you can into the online version. Including several different streams is a great way to engage attendees by giving them options while also providing more advertising opportunities for sponsors.
Sell Banner and Pop-Up Ad Space on Your Live Stream
Your event’s live-stream can also be monetized through ad space that you can sell to sponsors. If your platform allows for them, banner and pop-up ads are a great way to incorporate additional branding opportunities for sponsors.
You may decide to have banners appear on the screen during presentations to highlight a certain sponsor, while pop-ups are ideal for between sessions since they're more disruptive.
Use them to provide links to the sponsor's website so attendees can find further information, since ad real-estate on pop-ups and banners tends to be limited.
Add Sponsorship to Event Apps
Event apps are increasingly vital parts of live events, and they can be used to engage remote attendees just as (if not more) effectively since the attendees' entire attention will be on their screens. Apps are great to include in sponsorship packages because they offer many opportunities for sponsor branding and messages.
Within the app, incorporate branded banners, pop-up ads or sponsored messages, and logos on different screens. If it makes sense for your event format, you can also offer a few sponsored push notifications on the app that remind attendees about sponsored sessions, or about a special sponsored offer. But be sure to use these sparingly or they'll lose their value.
Brand Transitions Between Speakers or Slides
When transitioning between slides, speakers, or even sessions, don't waste the opportunity to include sponsored branding. During presentations, you could add branded slides with logos, and if the sponsor is also a speaker, be sure to also include a headshot and sales contact.
Put up full screen ads thanking your sponsors during breaks, and for intermissions, consider rotating between several ads.
In general, keep text to a minimum and emphasize value — product images are always a good bet. In addition to the content of the slide that you'll be including, be sure to also negotiate the amount of time that it will be up for.
Get Sponsored Event Games to Boost Engagement
Tying your sponsorship to engagement is a great way to make sure people are paying attention to the brand and getting maximum exposure. That’s why sponsored games, raffles, drives, and collaborative activities work so well.
Event apps can greatly help with this as many include gamification features that can be used in a virtual environment. These can include icebreaker challenges in which points are allotted for connections made or scavenger hunts and quizzes in which points are allotted for finding information (among others).
Partner with Sponsors for CSR Initiatives
Whether you have a long history of fostering CSR initiatives or have shied away from them in the past, there is no better time to use cause marketing to partner with a sponsor and create a message that resonates with your audience. Use the event to promote positive social change with sponsorship dollars.
For example, instead of sponsoring the planting of trees, you could suggest that your sponsor donate a certain number of masks to a local hospital or support food banks or accommodations for the most vulnerable groups. Look for relevant organizations that you can donate to and encourage attendees to get involved as well.
Virtual Swag Bag Ideas
Offer Sponsored Virtual Event Bags
There exists such a thing as virtual swag bags, and now is a great time to explore the offerings. One idea is to give your sponsors the opportunity to curate what goes into attendees' swag bags, be it coupons or vouchers, a free trial for a software, or an online course. The bag would then be shared directly with your attendees for them to access via email, social media, or the event app, either before, during, or following the event.
Host a Giveaway
Giveaways are always a good way to increase engagement with attendees and can be a fun addition to a virtual event. Although it's not quite as simple as handing an attendee their prize, there are virtual goodies you can offer, and there's still the option of mailing physical incentives to attendees following the event.
For example, have participants share something about the event on social media using the dedicated event hashtag, or complete certain actions during the event. Using criteria like these helps increase brand awareness and also works to engage attendees, so it's a win for everyone.
Surprise Attendees with Home Delivery
Even for an in-person event, we send pre-event emails, but we have onsite reminders for guests to get the most out of their journey. As we don’t have that currently, we need guests to have everything they need to maximize their experience.
Try sending guest communication kits to enhance the senses — something virtual events just can’t achieve alone. You can send event information and swag, but also items such as
aromatherapy roller balls to invoke certain feelings, snacks, or laptop headphones. Delivering these directly is key and elevates the overall experience, heightening engagement with your event and the alignment with the brand.
Incentive Registrations With Swag
Offering swag to people who register for your event can help boost early registrations for and interest in your event. Everyone loves free stuff, and the promise of a gift can help prompt people to register for your event as well as share the opportunity with their network.
Advertise your swag and specify that only a certain number of people will receive it to encourage early registrations. This approach will also help create buzz for the event as you begin to market it.
Post-Event Thank You Gift
In addition to providing swag before and/or during your event, you may want to consider sending a thank you gift following the event. This is a nice way to acknowledge attendees and ensure that your brand stays top-of-mind a little while longer.
A post-event swag bag can include a thank you note, a link to download on-demand content, branded materials, and any information on upcoming events, including a discount if applicable.
Best Virtual Events
Provide High-Production Value Content On Demand
One of the best virtual event examples is Adobe's Summit, which was one of the first major virtual events at the beginning of the pandemic. Adobe decided to forego live streams for their recent Summit and went the prerecorded route instead. SEO firm Moz recently opted to do the same, although their on-demand content was monetized.
What prerecorded sessions may lack in real-time engagement they make up for in production value, as they benefit from the ability to be edited or enhanced. This can greatly improve certain speakers' performances. They also eliminate many common challenges of virtual events, such as connectivity issues during the event or people getting bored and tuning out of the live stream.
Create Exclusive Experiences
Exclusive, FOMO-inducing experiences are generally associated with physical events, but Rihanna's new Fenty Skin brand achieved a similar result with its launch over the summer. The launch consisted of a virtual house party in a high-end, immersive environment that attendees could explore and interact in.
This innovative approach made attendees feel like they were at an exclusive, high-end launch party while also learning more about the brand and its products. There was even a virtual dance floor, live chat, and bouncer to add to the experience.
Leverage Virtual Venues
Even if you don't have access to a dedicated virtual event platform, you can still create a memorable event environment using a virtual event studio to help with the production side of things. For their annual internal REEMEA conference, LEGO was limited to using Microsoft Teams for security purposes.
However, using a virtual production studio, they were able to create a 3D virtual LEGO studio that served as a backdrop for the sessions and allowed remote speakers to appear together onscreen. Virtual venues can be used to create similar immersive environments complete with lighting and high-quality video for all kinds of events.
Use Backdrops to Support Cohesion
Salesforce’s World Tour Sydney Reimagined virtual event, which took place in March, prioritized backdrops for their sessions, which were all notably in line with the event's 'world tour' theme — whether it was a beach, the mountains, or a cityscape.
A professional look and feel adds to an event's engagement potential and helps improve the virtual attendee experience by making your event look cohesive and consistent from start to finish. Ideally, every speaker would be provided with an image to set as their background, which can be used as a branding opportunity or a way to further incorporate the event theme.
IN CONCLUSION
Virtual events are here to stay, and new concepts are constantly being tested and improved upon. Use these ideas as a starting point, but don't be afraid to be creative and experiment, since we've only scratched the surface of what's possible with virtual events.
-->This guide helps you troubleshoot issues that Operations Manager agents have problem connecting to the management server in System Center 2012 Operations Manager (OpsMgr 2012) and later versions.
To learn more about Operations Manager agent and how they communicate with management servers, see Agents and Communication Between Agents and Management Servers.
Original product version: System Center 2012 Operations Manager
Original KB number: 10066
Check the Health Service
Whenever you experience connectivity problems in Operations Manager, first make sure that the Health Service is running without errors on both the client agent and the management server.To determine whether the service is running, follow these steps:
Press the Windows key+R.
In the Run box, type
services.msc
and press Enter.Find the Microsoft Monitoring Agent service, and then double-click it to open the Properties page.
Note
In System Center 2012 Operations Manager, the service name is System Center Management.
Make sure that the Startup type is set to Automatic.
Check whether Started is displayed in Service status. Otherwise, click Start.
Check antivirus exclusions
If the Health Service is up and running, the next thing is to confirm that antivirus exclusions are properly configured. For the latest information about recommended antivirus exclusions for Operations Manager, see Recommendations for antivirus exclusions that relate to Operations Manager).
Check network issues
In Operations Manager, the agent computer must be able to successfully connect to TCP port 5723 on the management server. If this is failing, you will likely receive event ID 21016 and 21006 on the client agent.
In addition to TCP port 5723, the following ports must be enabled:
- TCP and UDP port 389 for LDAP
- TCP and UDP port 88 for Kerberos authentication
- TCP and UDP port 53 for Domain Name Service (DNS)
Additionally, you must ensure that RPC communications complete successfully over the network. Problems with RPC communication usually manifest themselves when pushing an agent from the management server. RPC communication problems usually cause the client push to fail with an error similar to the following:
The Operation Manager Server failed to perform specified operation on computer agent1.contoso.com.
Operation: Agent Install
Install account: contosoAgent_action
Error Code: 800706BA
Error Description: The RPC server is unavailable
This error typically occurs when either non-standard ephemeral ports are used or when the ephemeral ports are blocked by a firewall. For example, if non-standard high range RPC ports have been configured, a network trace will show a successful connection to RPC port 135 followed by a connection attempt using a non-standard RPC port such as 15595. The following is an example:
18748 MS Agent TCP TCP: Flags=CE....S., SrcPort=52457, DstPort=15595, PayloadLen=0, Seq=1704157139, Ack=0, Win=8192
18750 MS Agent TCP TCP:[SynReTransmit #18748] Flags=CE....S., SrcPort=52457, DstPort=15595, PayloadLen=0, Seq=1704157139, Ack=0,
18751 MS Agent TCP TCP:[SynReTransmit #18748] Flags=......S., SrcPort=52457, DstPort=15595, PayloadLen=0, Seq=1704157139, Ack=0, Win=8192
In this example, since the port exemption for this non-standard range wasn't configured on the firewall, the packets are dropped and the connection fails.
In Windows Vista and later versions, the RPC high range ports are 49152-65535 so that's what we want to look for. To verify whether this is your issue, run the following command to see what RPC high port range is configured:
According to IANA standards, the output should look like this:
Protocol tcp Dynamic Port Range
---------------------------------
Start Port : 49152
Number of Ports : 16384
If you see a different Start Port, the problem may be that the firewall isn't configured correctly to allow traffic through these ports. You can change the configuration on the firewall or run the following command to set the high range ports back to their default values:
You can also configure the RPC dynamic port range through the registry. For more information, see How to configure RPC dynamic port allocation to work with firewalls.
If everything seems to be configured correctly and you still experience the error, it may be caused by one of the following conditions:
DCOM has been restricted to a certain port. To verify, run
dcomcnfg.exe
, go to My Computer > Properties > Default Protocols, ensure that there is no custom setting.WMI is configured to use a custom endpoint. To check if you have a static endpoint configured for WMI, run
dcomcnfg.exe
, go to My Computer > DCOM Config > Windows Management and Instrumentation > Properties > Endpoints, ensure that there is no custom setting.The agent computer is running the Exchange Server 2010 Client Access server role. The Exchange Server 2010 Client Access service changes the port range to 6005 through 65535. The range was expanded to provide sufficient scaling for large deployments. Don't change these port values without fully understanding the consequences.
For more information about port and firewall requirements, see Firewalls. You can also find the minimum required network connectivity speeds in the same article.
Note
Troubleshooting network problems is an extremely large issue, so it's best to consult a networking engineer if you suspect that an underlying network problem is causing your agent connectivity issues in Operations Manager. We also have some basic, generalized network troubleshooting information available from our Windows Directory Services support team available at Troubleshooting networks without NetMon.
Check certificate issues on the gateway server
Operations Manager requires that mutual authentication be performed between client agents and management servers prior to the exchange of information between them. To secure the authentication process, the process is encrypted. When the agent and the management server reside in the same Active Directory domain, or in Active Directory domains that have established trust relationships, they make use of the Kerberos v5 authentication mechanisms provided by Active Directory. When the agents and management servers do not lie within the same trust boundary, other mechanisms must be used to satisfy the secure mutual authentication requirement.
In Operations Manager, this is accomplished through the use of X.509 certificates issued for each computer. If there are many agent-monitored computers, this can result in high administrative overhead for managing all those certificates. In addition, if there is a firewall between the agents and management servers, multiple authorized endpoints must be defined and maintained in the firewall rules to allow communication between them.
To reduce the administrative overhead, Operations Manager has an optional server role called the Gateway Server. Gateway servers are located within the trust boundary of the client agents and can participate in the mandatory mutual authentication. Because gateways lie within the same trust boundary as the agents, the Kerberos v5 protocol for Active Directory is used between the agents and the gateway server, and each agent then communicates only with the gateway servers that it is aware of.
The gateway servers then communicate with the management servers on behalf of the clients. To support the mandatory secure mutual authentication between the gateway server and the management servers, certificates must be issued and installed but only for the gateway and management servers. This reduces the number of certificates required. In the case of an intervening firewall, it also reduces the number of authorized endpoints that need to be defined in the firewall rules.
The takeaway here is that if the client agents and management servers don't lie within the same trust boundary, or if a gateway server is used, the necessary certificates must be installed and configured correctly for agent connectivity to function properly. Here are some key things to check:
Confirm that the gateway certificate exists in Local Computer > Personal > Certificates on the management server to which the gateway or agent is connecting.
Confirm that the root certificate exists in Local Computer > Trusted Root Certification Authorities > Certificates on the management server to which the gateway or agent is connecting.
Confirm that the root certificate exists in Local Computer > Trusted Root Certification Authorities > Certificates on the gateway server.
Confirm that the gateway certificate exists in Local Computer > Personal > Certificates on the gateway server. Confirm that the gateway certificate exists in Local Computer > Operations Manager > Certificates on the gateway server.
Confirm that registry value
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft Operations Manager3.0Machine SettingsChannelCertificateSerialNumber
exists and has the value of the certificate (from the Local Computer/Personal/Certificates folder within the details in the Serial number field) reversed within it on the gateway server.Confirm that registry value
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft Operations Manager3.0Machine SettingsChannelCertificateSerialNumber
exists and has the value of the certificate (from the Local Computer/Personal/Certificates folder within the details in the Serial number field) reversed within it on the management server to which the gateway or agent is connecting.
You might receive the following event IDs in the Operations Manager event log when there is an issue with certificates:
- 20050
- 20057
- 20066
- 20068
- 20069
- 20072
- 20077
- 21007
- 21021
- 21002
- 21036
For details on how certificate-based authentication functions in Operations Manager, as well as instructions on how to obtain and configure the proper certificates, see Authentication and Data Encryption for Windows Computers.
Check for a disjointed namespace on the client agent
A disjoint namespace occurs when the client computer has a primary DNS suffix that doesn't match the DNS name of the Active Directory domain that the client belongs to. For example, a client that uses a primary DNS suffix of corp.contoso.com in an Active Directory domain that's named na.corp.contoso.com is using a disjoint namespace.
Event Manager X Mac
When the client agent or the management server has a disjointed namespace, Kerberos authentication can fail. Though this is an Active Directory issue and not an Operations Manager issue, it does affect agent connectivity.
For more information, see Disjoint Namespace.
To resolve the issue, use one of the following methods:
Method 1
Manually create the appropriate Service Principal Names (SPNs) for the affected computer accounts and include the host SPN for the fully qualified domain name (FQDN) together with the disjointed name suffix (HOST/machine.disjointed_name_suffix.local). Also update the DnsHostName
attribute for the computer to reflect the disjointed name (machine.disjointed_name_suffix.local) and enable registration for the attribute in a valid DNS zone on the DNS servers that Active Directory uses.
Method 2
Correct the disjointed namespace. To do this, change the namespace in the affected computer's properties to reflect the FQDN of the domain to which the computer belongs. Make sure that you are fully aware of the consequences of doing this before making any changes in your environment. For more information, see Transition from a Disjoint Namespace to a Contiguous Namespace.
Check for a slow network connection
If the client agent is running across a slow network connection, it may encounter connectivity issues due to the fact that there is a hard-coded timeout for authentication. To resolve this issue, install System Center 2012 Operations Manager SP1 Update Rollup 8 (assuming you're not already on System Center 2012 R2 Operations Manager), and then manually change the timeout value.
The UR8 update increases the server timeout to 20 seconds and the client timeout to 5 minutes.
For more information, see Update Rollup 8 for System Center 2012 Operations Manager Service Pack 1.
Note
This issue can also occur when there are time synchronization issues between the client agent and the management server.
Check for OpsMgr Connector problems
If everything else checks out, check the Operations Manager event log for any error events generated by the OpsMgr Connector. Common causes and resolutions for various OpsMgr Connector events are listed below.
Event ID 21006 and 21016 appear on the client agent
Examples of these events:
Source: OpsMgr Connector
Date: Time
Event ID: 21006
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description: The OpsMgr Connector could not connect to <ManagementServer>:5723. The error code is 10060L (A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.). Please verify there is network connectivity, the server is running and has registered its listening port, and there are no firewalls blocking traffic to the destination.
Log Name: Operations Manager
Source: OpsMgr Connector
Date: Time
Event ID: 21016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description: OpsMgr was unable to set up a communications channel to <ManagementServer> and there are no failover hosts. Communication will resume when <ManagementServer> is available and communication from this computer is allowed.
Usually these event IDs are generated because the agent hasn't received configuration. After a new agent is added and before it is configured, this event is common. Event 1210 in the agent's Operations Manager event log indicates that the agent received and applied configuration. You receive this event after communication is established.
You can use the following steps to troubleshoot this issue:
If auto-approval for manually installed agents isn't enabled, confirm that the agent is approved.
Ensure that the following ports are enabled for communication:
- 5723 and TCP and UDP port 389 for LDAP.
- TCP and UDP port 88 for Kerberos authentication.
- TCP and UDP port 53 for DNS server.
This event can potentially indicate that Kerberos authentication is failing. Check for Kerberos errors in the Event Logs and troubleshoot.
Check if the DNS suffix has an incorrect domain. For example, the computer is joined to contoso1.com but the primary DNS suffix is set to contoso2.com.
Make sure the default domain name registry keys are correct. To verify, make sure that the following registry keys match your domain name:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonDefaultDomainName
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersDomain
A duplicate SPN for the Health Service can also cause event ID 21016. To find the duplicate SPN, run the following command:
If duplicate SPNs are registered, you must remove the SPN for the account that is not being used for the management server Health Service.
Event ID 20057 appears on the management server
An example of this event:
Log Name: Operations Manager
Source: OpsMgr Connector
Date: time
Event ID: 20057
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:Failed to initialize security context for target MSOMHSvc/******The error returned is 0x80090311(No authority could be contacted for authentication.). This error can apply to either the Kerberos or the SChannel package.
Event IDs 21006, 21016 and 20057 are usually caused by firewalls or network problems that are preventing communication over the required ports. To troubleshoot this issue, check the firewalls between the client agent and the management server. The following ports must be open to enable correct authentication and communication:
- TCP and UDP port 389 for LDAP.
- TCP and UDP port 88 for Kerberos authentication.
Event ID 2010 and 2003 appear on the client agent
Examples of these events:
Log Name: Operations Manager
Source: HealthService
Date: data
Event ID: 2010
Task Category: Health Service
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description: The Health Service cannot connect to Active Directory to retrieve management group policy. The error is Unspecified error (0x80004005)
Event Xml:
<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event
'>
<System>
<Provider Name='HealthService' />
<EventID Qualifiers='49152'>2010/<EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime='2015-02-21T21:06:04.000000000Z' />
<EventRecordID>84143</EventRecordID>
<Channel>Operations Manager</Channel>
<Computer>ComputerName</Computer>
<Security />
</System>
<EventData>
<Data>Unspecified error</Data>
<Data>0x80004005</Data>
</EventData>
</Event>
Log Name: Operations Manager
Source: HealthService
Date: time
Event ID: 2003
Task Category: Health Service
Level: Information
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description: No management groups were started. This may either be because no management groups are currently configured or a configured management group failed to start. The Health Service will wait for policy from Active Directory configuring a management group to run.
Event Xml:
<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event
'>
<System>
<Provider Name='HealthService' />
<EventID Qualifiers='16384'>2003/<EventID>
<Level>4</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime='2015-02-21T21:06:04.000000000Z' />
<EventRecordID>84156</EventRecordID>
<Channel>Operations Manager</Channel>
<Computer>ComputerName</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
If the agent is using Active Directory assignment, the event logs will also indicate a problem communicating with Active Directory.
If you see these event logs, confirm that the client agent can access Active Directory. Check firewalls, name resolution and general network connectivity.
Event ID 20070 combined with Event ID 21016
Examples of these events:
Log Name: Operations Manager
Source: OpsMgr Connector
Date: 6/13/2014 10:13:39 PM
Event ID: 21016
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr was unable to set up a communications channel to <ComputerName> and there are no failover hosts. Communication will resume when <ComputerName> is available and communication from this computer is allowed.
Log Name: Operations Manager
Source: OpsMgr Connector
Date: 6/13/2014 10:13:37 PM
Event ID: 20070
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
The OpsMgr Connector connected to <ComputerName>, but the connection was closed immediately after authentication occurred. The most likely cause of this error is that the agent is not authorized to communicate with the server, or the server has not received configuration. Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.
When you see these events, it indicates that authentication occurred but then the connection was closed. This usually occurs because the agent hasn't been configured. To verify this, check whether event ID 20000 A device which is not part of this management group has attempted to access this health service is received on the management server.
These event logs can also occur if client agents are stuck in a Pending status and not visible in the console.
To verify, run the following command to check whether the agents are listed for manual approval:
If so, you can resolve this by running the following command to manually approve the agents:
Event ID 21023 appears on the client agent, while Event ID 29120, 29181 and 21024 appear on the management server
Epson Event Manager Xp-5100
Some examples of these events are included below.
Log Name: Operations Manager
Source: OpsMgr Connector
Event ID: 21023
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr has no configuration for management group <GroupName> and is requesting new configuration from the Configuration Service.
Log Name: Operations Manager
Source: OpsMgr Management Configuration
Event ID: 29120
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr Management Configuration Service failed to process configuration request (Xml configuration file or management pack request) due to the following exception
Log Name: Operations Manager
Source: OpsMgr Management Configuration
Event ID: 29181
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr Management Configuration Service failed to execute 'GetNextWorkItem' engine work item due to the following exception
Log Name: Operations Manager
Source: OpsMgr Management Configuration
Event ID: 29181
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr Management Configuration Service failed to execute 'LocalHealthServiceDirtyNotification' engine work item due to the following exception
Log Name: Operations Manager
Source: OpsMgr Management Configuration
Event ID: 21024
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr's configuration may be out-of-date for management group <GroupName>, and has requested updated configuration from the Configuration Service. The current(out-of-date) state cookie is '5dae4442500c9d3f8f7a883e83851994,906af60d48ed417fb1860b23ed67dd71:001662A3'
Log Name: Operations Manager
Source: OpsMgr Connector
Event ID: 29181
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <ComputerName>
Description:
OpsMgr Management Configuration Service failed to execute 'DeltaSynchronization' engine work item due to the following exception
These events can occur when the delta synchronization process cannot build configuration within its configured timeout window of 30 seconds. This can occur when there is a large instance space.
To resolve this issue, increase the timeout on all management servers. To do this use one of the following methods:
Method 1
Make a backup copy of the following file:
Drive:Program FilesSystem Center 2012Operations ManagerServerConfigService.Config
Increase the timeout values in
ConfigService.config
with the following changes:Locate
<OperationTimeout DefaultTimeoutSeconds='30'>
, change 30 to 300.
Locate<Operation Name='GetEntityChangeDeltaList' TimeoutSeconds='180' />
, change 180 to 300.Restart the Configuration service.
In most cases, this should allow enough time for the synchronization process to complete.
Method 2
Install Update Rollup 3 or later for System Center 2012 R2 Operations Manager.
Add the following registry value on the server that's running System Center 2012 R2 Operations Manager to configure the timeout:
- Registry subkey:
HKEY_LOCAL_MACHINESoftwareMicrosoft Operations Manager3.0Config Service
- DWORD name:
CommandTimeoutSeconds
- DWORD value: nn
Note
The default value for the placeholder nn is 30 seconds. You can change this value to control the timeout for delta synchronization.
- Registry subkey:
Other OpsMgr Connector event IDs
Event Manager X
Other OpsMgr Connector error events and the corresponding troubleshooting suggestions are listed below:
Epson Event Manager Xp 4100
Event | Description | More information |
---|---|---|
20050 | The specified certificate could not be loaded because the Enhanced Key Usage that's specified doesn't meet OpsMgr requirements. The certificate must have the following usage types: %n %n Server Authentication (1.3.6.1.5.5.7.3.1)%n Client Authentication (1.3.6.1.5.5.7.3.2)%n | Confirm the object identifier on the certificate. |
20057 | Failed to initialize security context for target %1 The error returned is %2(%3). This error can apply to either the Kerberos package or the SChannel package. | Check for duplicate or incorrect SPNs. |
20066 | A certificate for use with Mutual Authentication was specified. However, that certificate could not be found. The ability for this Health Service to communicate will likely be affected. | Check the certificate. |
20068 | The certificate that is specified in the registry at HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft Operations Manager3.0Machine Settings cannot be used for authentication because the certificate does not contain a usable private key or because the private key is not present. The error is %1(%2). | Check for a missing or unassociated private key. Investigate the certificate. Re-import the certificate, or create a new certificate and import. |
20069 | The specified certificate could not be loaded because the KeySpec must be AT_KEYEXCHANGE | Check the certificate. Check the object identifier on the certificate. |
20070 | The OpsMgr Connector connected to %1. However, the connection was closed immediately after authentication occurred. The most likely cause of this error is that the agent is not authorized to communicate with the server or that the server has not received configuration. Check the event log on the server for the presence of 20000 events. These indicate that agents that are not approved are trying to connect. | Authentication occurred but the connection was closed. Confirm that ports are open and check agent pending approval. |
20071 | The OpsMgr Connector connected to %1. However, the connection was closed immediately without authentication occurring. The most likely cause of this error is a failure to authenticate either this agent or the server. Check the event log on the server and on the agent for events that indicate a failure to authenticate. | Authentication has failed. Check firewalls and port 5723. The agent computer must be able to reach port 5723 on the Management Server. Also confirm that TCP & UDP port 389 for LDAP, port 88 for Kerberos and port 53 for DNS are available. |
20072 | The remote certificate %1 was not trusted. The error is %2(%3). | Check whether the certificate is located in the trusted store. |
20077 | The certificate that is specified in the registry at HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft Operations Manager3.0Machine Settings cannot be used for authentication because the certificate cannot be queried for property information. The specific error is %2(%3).%n %n. This typically means that no private key was included with the certificate. Please double-check to make sure that the certificate contains a private key. | There is a missing or unassociated private key. Investigate the certificate. Re-import the certificate, or create a new certificate and import. |
21001 | The OpsMgr Connector could not connect to %1 because mutual authentication failed. Verify that the SPN is registered correctly on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains. | Check SPN registration. |
21005 | The OpsMgr Connector could not resolve the IP for %1. The error code is %2(%3). Please verify that DNS is working correctly in your environment. | This is usually a name resolution issue. Check DNS. |
21006 | The OpsMgr Connector could not connect to %1:%2. The error code is %3(%4). Please verify that there is network connectivity, that the server is running and has registered its listening port, and that there are no firewalls that are blocking traffic to the destination. | This is likely a general connectivity issue. Check the firewalls and confirm that port 5723 is open. |
21007 | The OpsMgr Connector cannot create a mutually authenticated connection to %1 because it is not in a trusted domain. | A trust is not established. Confirm that the certificate is in place and is configured correctly. |
21016 | OpsMgr could not set up a communications channel to %1, and there are no failover hosts. Communication will resume when %1 is available and communication from this computer is enabled. | This usually indicates an authentication failure. Confirm that the agent was approved for monitoring and that all ports are open. |
21021 | No certificate could be loaded or created. This Health Service will be unable to communicate with other health services. Look for previous events in the event log for more detail. | Check the certificate. |
21022 | No certificate was specified. This Health Service will be unable to communicate with other health services unless those health services are in a domain that has a trust relationship with this domain. If this health service has to communicate with health services in untrusted domains, please configure a certificate. | Check the certificate. |
21035 | Registration of an SPN for this computer with the '%1' service class failed with error '%2.' This may cause Kerberos authentication to or from this Health Service to fail. | This indicates a problem with SPN registration. Investigate SPNs for Kerberos authentication. |
21036 | The certificate that is specified in the registry at HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft Operations Manager3.0Machine Settings cannot be used for authentication. The error is %1(%2). | This is usually a missing or unassociated private key. Investigate the certificate. Re-import the certificate, or create a new certificate and import it. |